144
Proton’s Lumo AI chatbot: not end-to-end encrypted, not open source
(pivot-to-ai.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 03 Aug 2025
144 points (97.4% liked)
Technology
74251 readers
851 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
I don’t think that’s obvious at all. On the contrary, that’s a pretty bold claim to make, do you have any evidence that they’re doing this?
Incoming Emails that aren't from proton, or PGP encrypted (which are like 99% of emails), arrives at Proton Servers via TLS which they decrypt and then have the full plaintext. This is not some conspiracy, this is just how email works.
Now, Proton and various other "encrypted email" services then take that plaintext and encypt it with your public key, then store the ciphertext on their servers, and then they're supposed to discard the plaintext, so that in case of a future court order, they wouldn't have the plaintext anymore.
But you can't be certain if they are lying, since they do necessarily have to have access to the plaintext for email to function. So "we can't read your emails" comes with a huge asterisk, it onlu applies to those sent between Proton accounts or other PGP encrypted emails, your average bank statement and tax forms are all accessible by Proton (you're only relying on their promise to not read it).
Ok yeah thats a far cry from Proton actually “Having your unencrypted emails on their servers” as if they’re not encrypted at rest.
There’s the standard layer of trust you need to have in a third party when you’re not self hosting. Proton has proven so far that they do in fact encrypt your emails and haven’t given any up to authorities when ordered to so I’m not sure where the issue is. I thought they were caught not encrypting them or something.
We need to call for an audit on Protons policy and see if they actually do what they say, that way we can know for almost certain that everything is good as they say
I mean we know from documented events that Proton doesn’t store you emails in plain text because there have been Swiss orders to turn over information which they have to comply with and they’ve never turned in emails, because they can’t.
Do you have a source for that? I know they handed over an IP address, but I haven't heard about them handing over an email.
As far as I know they have not handed over any emails.
That's what I thought, but you never know.
I hate it when people share this bullshit without proof, as far as I know Proton is still fighting for pro consumer and pro privacy laws and services.